Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/iUHbxde7-F9MVEVxkbcbPyFszg4.roa
File: iUHbxde7-F9MVEVxkbcbPyFszg4.roa (raw, json)
Hash identifier: I/OvnGia0mXGT1BLwbcZuh/2qHkb2YrHN3xOInQ2hNs=
Subject key identifier: 89:41:DB:C5:D7:BB:F8:5F:4C:54:45:71:91:B7:1B:3F:21:6C:CE:0E
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 09502E9D
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/iUHbxde7-F9MVEVxkbcbPyFszg4.roa
Signing time: Tue 08 Feb 2022 07:01:08 +0000
ROA not before: Tue 08 Feb 2022 07:01:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8808
IP address blocks: 80.95.21.0/24 maxlen: 24
93.175.244.0/24 maxlen: 24
93.175.245.0/24 maxlen: 24
2a0d:3b40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156249757 (0x9502e9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Feb 8 07:01:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8941dbc5d7bbf85f4c54457191b71b3f216cce0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bf:ff:7b:04:2c:3c:30:cd:b5:57:06:b5:79:
f8:71:c3:e0:46:13:20:09:ca:cc:84:e7:c6:91:a9:
e9:5d:a9:55:56:b9:37:05:36:00:58:6a:bc:c3:fd:
86:70:31:2a:9e:32:bb:87:22:74:10:81:b2:f1:88:
c2:dc:10:87:e2:c9:64:98:04:24:b9:f3:2a:e6:8a:
46:87:05:08:fb:30:ff:14:77:35:c3:cb:fd:a0:ea:
2f:a1:61:d7:49:b4:c9:0a:ed:81:7b:41:71:f9:39:
68:6f:00:67:b0:5b:a3:bc:db:ab:8f:0a:29:91:3e:
82:65:8b:f5:0e:74:cb:b8:cd:c1:75:e5:cd:b8:c4:
09:1b:b0:df:e0:47:10:9a:2b:6a:ff:d8:3f:25:74:
38:42:25:90:26:50:a3:91:ce:32:8e:b9:cc:28:f0:
3a:05:43:27:b4:01:1d:f9:94:a9:d8:e0:e8:61:9f:
ca:60:e3:99:96:d9:67:83:c0:d3:57:4e:ba:ba:09:
ff:5b:da:33:94:93:4e:b0:ca:ad:d3:0c:40:21:af:
fb:bd:7e:42:35:8a:d7:2f:7c:5e:f4:17:1b:60:20:
cc:e6:41:d6:8b:da:69:30:2a:46:8c:13:18:e8:1c:
45:62:df:9f:5b:ae:27:42:8c:cf:b4:36:55:80:47:
77:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:41:DB:C5:D7:BB:F8:5F:4C:54:45:71:91:B7:1B:3F:21:6C:CE:0E
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/iUHbxde7-F9MVEVxkbcbPyFszg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.95.21.0/24
93.175.244.0/23
IPv6:
2a0d:3b40::/29
Signature Algorithm: sha256WithRSAEncryption
3f:72:78:d1:68:de:41:1a:ae:02:4a:72:db:78:26:6d:7b:a5:
61:f2:d1:03:a9:7a:41:74:db:ab:d4:4a:22:ff:d2:af:08:88:
8c:80:5f:50:9b:bf:8a:3a:b1:a7:9c:62:f9:05:ad:c7:14:81:
f0:77:5f:16:b2:94:5c:d4:ca:09:7a:92:39:07:ff:b6:83:10:
7a:c9:83:68:f7:39:0d:4a:b1:ad:da:c6:6d:af:d4:c7:91:34:
f5:d4:8d:db:0e:a8:d7:e5:bd:46:16:c0:fe:22:b8:55:13:28:
c3:06:c2:b6:10:c3:7a:86:87:34:05:96:2f:b6:27:3a:ab:7c:
9c:54:82:f6:ab:0b:87:16:97:4d:a3:83:8c:7a:b4:c4:1b:29:
d2:b4:45:5b:d1:4e:2a:11:76:33:da:fa:9f:1a:ce:9b:01:d3:
ff:e5:38:de:8a:b3:94:1a:bf:38:1a:ee:d0:09:5b:b7:27:40:
c7:34:8d:91:d7:83:8a:86:43:ae:06:ef:75:55:03:7e:ad:3b:
a1:53:58:35:5d:bb:aa:9f:b2:af:3a:f8:96:55:92:61:80:b7:
fc:e2:0a:92:84:a1:3c:7f:76:da:bf:c7:6a:ff:6d:1a:ec:27:
0d:c3:a8:25:df:92:2e:64:6f:63:cd:d1:9b:6c:b3:a7:01:6d:
3f:cf:f4:57
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECVAunTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmVjOTAzMGM3MGEzZDQxOTJkNTljMjhkY2M4ZDU0NzY5NDM0MGIzMB4XDTIyMDIw
ODA3MDEwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODk0MWRiYzVkN2Ji
Zjg1ZjRjNTQ0NTcxOTFiNzFiM2YyMTZjY2UwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALC//3sELDwwzbVXBrV5+HHD4EYTIAnKzITnxpGp6V2pVVa5
NwU2AFhqvMP9hnAxKp4yu4cidBCBsvGIwtwQh+LJZJgEJLnzKuaKRocFCPsw/xR3
NcPL/aDqL6Fh10m0yQrtgXtBcfk5aG8AZ7Bbo7zbq48KKZE+gmWL9Q50y7jNwXXl
zbjECRuw3+BHEJorav/YPyV0OEIlkCZQo5HOMo65zCjwOgVDJ7QBHfmUqdjg6GGf
ymDjmZbZZ4PA01dOuroJ/1vaM5STTrDKrdMMQCGv+71+QjWK1y98XvQXG2AgzOZB
1ovaaTAqRowTGOgcRWLfn1uuJ0KMz7Q2VYBHd4cCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSJQdvF17v4X0xURXGRtxs/IWzODjAfBgNVHSMEGDAWgBTr7JAwxwo9QZLV
nCjcyNVHaUNAszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYteVFNTWNLUFVHUzFad28zTWpWUjJsRFFMTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvMzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8x
L2lVSGJ4ZGU3LUY5TVZFVnhrYmNiUHlGc3pnNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
MzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8xLzYteVFNTWNLUFVH
UzFad28zTWpWUjJsRFFMTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAFBfFQMEAV2v9DANBAIAAjAHAwUD
Kg07QDANBgkqhkiG9w0BAQsFAAOCAQEAP3J40WjeQRquAkpy23gmbXulYfLRA6l6
QXTbq9RKIv/SrwiIjIBfUJu/ijqxp5xi+QWtxxSB8HdfFrKUXNTKCXqSOQf/toMQ
esmDaPc5DUqxrdrGba/Ux5E09dSN2w6o1+W9RhbA/iK4VRMowwbCthDDeoaHNAWW
L7YnOqt8nFSC9qsLhxaXTaODjHq0xBsp0rRFW9FOKhF2M9r6nxrOmwHT/+U43oqz
lBq/OBru0AlbtydAxzSNkdeDioZDrgbvdVUDfq07oVNYNV27qp+yrzr4llWSYYC3
/OIKkoShPH922r/Hav9tGuwnDcOoJd+SLmRvY83Rm2yzpwFtP8/0Vw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:44 2023 by rpki-client on console-fra.rpki-client.org